Navigating the Evolving Cyber Threat Landscape in the Middle East: Why AI Needs a human Touch
The Middle East is experiencing a period of rapid digital conversion, fueled by ambitious smart city initiatives, widespread cloud adoption, and a burgeoning fintech sector. However, this progress is accompanied by a considerably more complex and challenging cyber threat landscape.Organizations across the region are finding themselves facing increasingly elegant attacks, demanding a re-evaluation of their security strategies. While Artificial Intelligence (AI) is rightfully positioned as a critical component of modern cyber defense, its true potential is frequently enough misunderstood.
As Mark Morland, executive Vice-President for MENA, Greece & Cyprus at obrela, explains, the notion that AI can autonomously run security is a risky oversimplification.”AI is a powerful accelerator for detection and triage, but it fundamentally lacks the contextual understanding necessary to prioritize effectively, navigate complex regulations, and accurately decipher an attacker’s ultimate intent,” he cautions.
The Volume vs. Validity Challenge: Decoding the Noise
The sheer volume of security alerts generated by modern systems is overwhelming. Obrela’s Digital Universe Report for the first half of 2025 vividly illustrates this point. Analysis of 16.8 petabytes of telemetry from over half a million endpoints yielded a staggering 876,000 alerts. Yet, a closer examination revealed that onyl 11,351 – just over 1% – represented genuine attacks.
This is where AI proves its initial value. “AI effectively narrows the funnel, filtering out the noise and highlighting possibly malicious activity,” morland states. “However,its skilled security analysts who translate that filtered volume into actionable intelligence.” Without robust governance, continuous tuning, and crucially, human oversight, AI can introduce its own set of problems – including model drift, false positives, and unpredictable behavior. It’s a potent tool, but one that requires careful management.
Regional Nuance: The Critical Need for Localized AI
The importance of human oversight is amplified when considering the unique characteristics of the Middle Eastern cyber threat landscape. Obrela’s data reveals that the region accounted for 18.27% of all attacks observed in the first half of 2025. Significantly,over a third of these threats were tied to industry-specific behaviors,and a considerable portion originated from suspicious internal activity.
Telecoms, retail, and shipping sectors, in particular, exhibited distinct patterns that generic, globally-trained AI models simply cannot detect. “Threats in the Gulf region don’t mirror those in Europe or the US,” Morland emphasizes. “AI models must be specifically trained to recognize the tactics, techniques, and procedures (TTPs) employed by attackers operating within this region – their language, infrastructure, and methods for blending into local systems.A ‘one-size-fits-all’ approach is demonstrably ineffective.”
This necessitates a shift towards localized AI models, continuously updated with regional threat intelligence and adapted to the specific nuances of the Middle Eastern digital habitat.
The Hybrid Security Operations Center (SOC): The Future of Cyber Resilience
The most effective security posture, thus, is a hybrid one. This involves seamlessly integrating AI-driven automation with the critical thinking and judgment of experienced security professionals.
“AI will evolve into a genuine intelligence layer as behavioral baselining capabilities improve,” Morland predicts.”But humans will remain responsible for validating AI outputs, interpreting subtle nuances, and ensuring that security decisions align with overall business risk.”
This hybrid approach is particularly vital for sectors like energy, finance, and government, where stringent data sovereignty regulations and the increasing convergence of Operational Technology (OT) and Information Technology (IT) introduce additional layers of complexity. Investing in a robust cyber talent pipeline – one that equips analysts with the skills to interpret AI outputs, investigate anomalies, and effectively manage incidents with regional awareness – is paramount.
Workflow Integration: Making AI a Seamless Part of the security Fabric
Morland stresses that AI’s effectiveness is maximized when it’s deeply integrated into existing security workflows, rather than being treated as a standalone solution. “Machines excel at detection, but humans must lead the investigation to ensure rapid and accurate containment.”
For Middle eastern enterprises, the message is clear: AI is a transformative force in cybersecurity, but its true value is unlocked by the expertise that guides it. As Morland succinctly puts it: “AI can predict, automate, and scale, but only humans can understand the bigger picture.”
The Evolving Threat Landscape: Scalability and Stealth
Beyond the need for a human-AI partnership,
